package com.thinkgsp.webapp.controller.base;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;

import com.thinkgsp.sys.model.SysUser;
import com.thinkgsp.sys.service.SysUserService;
import com.thinkgsp.webapp.controller.BaseController;

@Controller
@RequestMapping(value = "/sys")
public class RoleController extends BaseController{
	
	private SysUserService sysUserService;
	@Autowired
	public void setSysUserService(SysUserService sysUserService){
		this.sysUserService=sysUserService;
		
	}
	@RequestMapping("/roles.do")
    @ResponseBody
    public Object roles(HttpServletRequest request,
			HttpServletResponse response){
		SysUser user =null;
		String idstr=request.getParameter("userId");
		if(!StringUtils.isBlank(idstr)){
			Integer userId=Integer.decode(idstr);
			user=this.sysUserService.getUser(userId);
		}else{
			user = (SysUser) SecurityContextHolder.getContext()
				    .getAuthentication()
				    .getPrincipal();
		}
		
		//Collection<GrantedAuthority> authorities = (Collection<GrantedAuthority>) user.getAuthorities();
		
		return user.getRoles();
	}
}
